[dba-Tech] Security

Jim Lawrence accessd at shaw.ca
Sat Mar 15 23:38:13 CDT 2014


Hi John:

Yes  WPA/WPA2...but unfortunately, it seems that signals from a Wi-Fi, if close enough can be intercepted, say like an adjacent store and as I understand it, they are not encrypted. (I posted a link to a site that hosts a huge inventory of hacks, a couple of weeks ago on the DBA-Tech list, that has all sorts of tests for breaking into our standard cheap bottom end routers like DLinks...really easy...Wi-Fi, old defective bios code and default weak password is the major hole according to sites tools.) 

Aside: IMHO, the NSA revelations have done a lot to encourage people to strengthen their personal and company security. Most of the NSA hacks were just purchased or ripped off from various market-place hack selling sites, on the web. It is all be business. Nowadays, I think the only virus detection application that can be trusted is from Kaspersky labs as they were the only company that officially detected a number of state sponsored malware....US, Israeli and Russian. Of course the only real protection is anything that is encrypted with something like AES 256. 

You are right, security can never be 100 percent. The only hope is to make it as difficult and expensive as possible for anyone trying to breach defences.

Jim  

----- Original Message -----
From: "DJK (John) Robinson" <djkr at msn.com>
To: "Discussion of Hardware and Software issues" <dba-tech at databaseadvisors.com>
Sent: Saturday, March 15, 2014 3:33:09 PM
Subject: Re: [dba-Tech] Security

Hi Jim

First of all, stress the *need* for security, and the fact that there are career criminals and malcontents determined to
breach your defences.

Secondly, never assume that your defence is 100%, because it's not.  Don't be complacent!

Then, get on to the nitty-gritty details ...

It's inculcating a culture of security-mindedness that is key.

John


-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Jim Lawrence
Sent: 15 March 2014 19:07
To: Discussion of Hardware and Software issues
Subject: [dba-Tech] Security


Hi all:

I have been asked to give a little talk about security to a company and it workers come Monday.

The subject of the speech will go something like this:

One, Make sure the router is set up property whether at the office or home. Change the password from the default,
something around ten plus digits, a mix of numbers, upper and lower case and special characters. Older routers should be
replaced as they can be hacked. If you want security, limit your dependency on Wi-Fi. (There is software out there that
can read the Wi-Fi signal and I would suspect write it.) So don't use Wi-Fi in the office. Don't open any router ports
other than 80 or 8080. If you do have to have other open ports, the Virtual drives are your friend...just set up your
router to point towards the appropriate virtual drive's IP address triggered by the data arriving on a specific port
number. (Note: limit ports open that do not have application continually listening on them.)   

Two, if you are using XP, start using another browser. The IE browsers supported by XP are not safe.

Three, watch what you open in your mail client. This is where most if not all malware originates from. If you are at
work and if in doubt, never open it.

That is a quick off the top list of talking points. If anyone could recommend further important items to discuss it
would be greatly appreciated.

MTIA

Jim 
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com


_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com


More information about the dba-Tech mailing list